Credibility and consequences vexing both Twitter and users

By Gerry Shih / Reuters, SAN FRANCISCO

Does Twitter have a credibility problem?

For many, a single fake tweet from the Associated Press (AP) account that briefly roiled financial markets on Tuesday, driving the Dow Jones Industrial Average down about 145 points, vividly reaffirmed the fearsome, near-instantaneous power of the 140-character message.

However, the security lapse also revived doubts about Twitter’s place in the media landscape — and its ultimate value — at a moment when its status as one of today’s essential information networks had seemed all but cemented.

Just a week after social media networks took criticism for helping circulate misinformation about the alleged perpetrators of the Boston Marathon bombing, Twitter’s security shortcomings fell under a harsh spotlight on Tuesday after a hacker group commandeered the AP Twitter account and falsely reported that explosions in the White House had injured US President Barack Obama.

The AP was only the latest hacking victim in recent days after Twitter accounts belonging to National Public Radio, CBS’ 60 Minutes and others were breached. Last year, Reuters News was the victim of hackers who briefly took over one of its Twitter accounts and posted false tweets.

The latest hack was by far the most significant: the single AP tweet stunned investors and effectively wiped out US$136.5 billion of the S&P 500 index’s value in a matter of minutes.

Although the news agency later disclosed that one of its employees may have inadvertently given away company passwords as the result of a “phishing” attack by the hackers, security experts quickly faulted Twitter for its longstanding failure to implement two-factor authentication, a double-layered password feature used by the likes of Google and Microsoft that might have prevented the spate of high-profile Twitter hijackings.

“It’s one of those cases that we are seeing too often. It’s getting unnerving,” said Robert Quigley, a journalism lecturer specializing in social media at the University of Texas. “What media organizations need to do is pressure Twitter to have a more secure Web site.”

Twitter declined to comment for this article.

The company has also repeatedly declined to discuss its product roadmap, although it has signaled that it will soon unveil two-factor authentication, including a public job posting in February that suggested it was hiring to tackle the problem.

Mark Risher, the founder of a security consultancy that counts social media companies Pinterest and Tumblr among its clients, said introducing more measures like two-factor authentication would make Twitter more cumbersome to use and potentially slow its user growth — a critical concern for a company that relies on advertising revenues.

He warned that a prolonged rash of high-profile hacks, and an eroding sense of user trust, would hurt Twitter more.

For Twitter, the hacking has raised questions about its credibility just as it is beginning to assume a central role in a fast-changing media landscape, with the volume of tweets rising to more than 400 million a day.

Earlier this month, the US Securities and Exchange Commission ruled that US companies may report material information such as quarterly results on Twitter, as long as investors are alerted in advance. Days later, Bloomberg L.P. said it would funnel Twitter directly into its terminals used by thousands of traders on Wall Street.